const tokenUtils = require('../utils/tokenUtils');

exports.verifyToken = (req, res, next) => {
    const authHeader = req.headers.authorization;

    if (!authHeader) {
        return res.status(401).json({
            status: 401,
            message: '未提供认证令牌'
        });
    }

    const token = authHeader.split(' ')[1];
    const decoded = tokenUtils.verifyToken(token);

    if (!decoded) {
        return res.status(401).json({
            status: 401,
            message: '令牌无效或已过期'
        });
    }

    // 将用户ID添加到请求对象
    req.userId = decoded.userId;
    next();
}; 